﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
using VaccineEbook.Models;

namespace VaccineEbook.Controllers
{
    public class AccountController : Controller
    {
        string _messageError = "";
        //
        // GET: /Account/

        public ActionResult Index()
        {
            return View();
        }

        [AllowAnonymous]
        public ActionResult Login()
        {
            return View();
        }

        [AllowAnonymous]
        [HttpPost]
        public ActionResult Login(AccountModel.LoginModel model, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                Models.DBEntity.User user = Models.DBEntity.User.LoginOnWeb(model.Username, model.Password, ref _messageError);
                if (user != null)
                {
                    //NGhia: catch UserName, Session, về returnUrl nếu có, nếu không về Home
                    _messageError = "Login successful";
                    Session["User"] = user;
                    FormsAuthentication.SetAuthCookie(user.Username, model.RememberMe);

                    if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                            && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                    {
                        return Redirect(returnUrl);
                    }
                    return RedirectToAction("Index", "User");
                }
                else
                {
                    _messageError = "Username or Password wrong";
                }
            }

            ModelState.AddModelError("", _messageError);
            return View(model);
        }

        public ActionResult Logout()
        {
            //Nghia: xóa catch, đến trang Login
            Session.Abandon();
            Session.Clear();
            FormsAuthentication.SignOut();
            return View();
        }

        // GET: /Account/ResetPassword        
        [AllowAnonymous]
        //[ValidateAntiForgeryToken]
        public ActionResult ResetPassword()
        {
            string username = System.Web.HttpContext.Current.User.Identity.Name;
            if (!String.IsNullOrEmpty(username) && username != "")
                return View();
            else
                return RedirectToAction("Index", "User");
        }
        [HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult ResetPassword(AccountModel.ChangePasswordModel model)
        {
             string username = System.Web.HttpContext.Current.User.Identity.Name;
            if (!ModelState.IsValid)
            {
                return View(model);
            }
            bool result = Models.DBEntity.User.ResetPassword(username, model.OldPassword,model.NewPassword, ref _messageError);
            //var result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId(), model.OldPassword, model.NewPassword);
            if (result)
            {
                //var user = await UserManager.FindByIdAsync(User.Identity.GetUserId());
                //if (user != null)
                //{
                //    await SignInManager.SignInAsync(user, isPersistent: false, rememberBrowser: false);
                //}
                _messageError = "Password reset successfully.";

                return RedirectToAction("Index", "User");
            }
            else
            {
                _messageError = "Password change was unsuccessful.";
            }
            ModelState.AddModelError("", _messageError);
            return View(model);
        }



    }
}
